W2K sp4, mdac 2.5sp3, and hfnetchk 3.86
From: Steve Warrick (swarrick_at_VT.EDU)
Date: 07/17/03
- Previous message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Patch. While we have time."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Jul 2003 08:40:37 -0400 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Hello,
It seems as though according to Shavlik's hfnetchk 3.86 (free version),
Windows 2000 sp4 has introduced a newer mdac 2.5 sp3 file. The file in
question has a different checksum, yet the same version number.
in shavlik xml mode, hfnetchk 3.86 said:
* MDAC 2.5 SP3
Patch NOT Installed MS02-065 Q329414
File C:\Program Files\Common Files\System\msadc\msadce.dll has an
invalid checksum and its file version [2.53.6202.0] is equal to what
is expected [2.53.6202.0].
in microsoft xml mode, hfnetchk 3.86 said:
* MDAC 2.5 SP3
Note MS02-065 329414
Please refer to http://hfnetchk.shavlik.com/support for a detailed
explanation. Refer to the section on Note Messages.
(I have been told that if MS02-065 is reinstalled after sp4, the checksums
then line up again to what is expected.)
So we performed md5 checksums:
Installation of SP 4 gives you:
Msadce.dll
860,160 bytes
Version 2.53.6202.0
md5 checksum of: 6C59F92A5C4E162EA0F4425D8F20F5
Installation of Hotfix MS02-065 (Q329414) give you:
Msadce.dll
860,160 bytes
Version 2.53.6202.0
md5 checksum of: 19D4111A97A2D04B71E325B487D18E9
BACKGROUND:
For weeks before installing sp4, hfnetchk 3.86 said I had all patches to
date applied (I keep them current). I first noticed this condition
immediately after installing sp4 on my two Windows 2000 Pro boxes.
I waited a week to see if maybe the xml file was just incorrect (and would
get updated by Shavlik or MS), but the message persists.
I contacted Shavlik technical support, and they said they cannot reproduce
it, but later said that it looks like the file was updated (by Microsoft)
in sp4 without changing the version number. Their recommendation was to
turn off checksum checking in hfnetchk, or go to MDAC 2.7 sp1.
I contacted Microsoft, and they are having me do checks with hfnetchk 3.32
and mbsa 1.1.1, as well as doing some checking on their end.
I thought I would write (Russ and) the list to see if anyone else is
experiencing this problem, has an explanation for it, or other observations
pertaining to it. In a very limited query, I know of at least three other
machines not administered by myself at my institution that are experiencing
this problem.
Thanks,
Steve Warrick
VTmig (Virginia Tech Microsoft Implementation Group), http://vtmig.w2k.vt.edu
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available. And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to
http://www.trusecure.com/offer/s0100/
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]: "Patch. While we have time."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
